WO 96/27155

PCT/US96/02303



information regarding said user's use of at least a portion of said 
digital information. 

223. A secure method for regulating electronic conduct and
commerce characterized by a step of distributing interoperable
protected processing environments and circulating amongst
plural recipients of said protected processing environments
software containers containing digital content and related
content control information prepared for use by at least a portion
of said protected processing environments, wherein said method
includes the further step of regulating the use at least some of
said digital content based, at least in part, on the secure
processing of at least a portion of said control information
through the use of at least one protected processing environment.

224. A secure system for regulating electronic conduct and 
commerce characterized by: 

distributed interoperable protected processing 
environments, 

means for circulating, amongst said protected processing 
environments, software containers containing digital content and 
related content control information prepared for use by at least a 
portion of said protected processing environments, and 

means within at least some of the protected processing
environments for regulating the use at least some of said digital
content based, at least in part, on the secure processing of at
least a portion of said control information.

225. A method of electronic commerce networking for
enabling a secure electronic retail environment characterized by
the step of supplying user certified control information, smart
cards, secure processing units, and retailing terminal 
arrangements networked together using VDE communication 
techniques and secure software containers. 

226. An electronic commerce networking system for
enabling a secure electronic retail environment characterized by:

means for networking together smart cards, secure
processing units, and retailing terminal arrangements; and

means for making the smart cards, secure processing units,
and retailing terminal arrangements interoperable with one
another and with VDE communication techniques and secure 
software containers. 

227. A method of enabling electronic commerce appliances
for securely administering user rights in commerce activities
characterized by the step of providing to users at least a portion
of a VDE node contained within a physical device, said device
being configured to be compatible with mating connectors in host
systems for supporting secure, interoperable transaction activity
between plural parties. 

228. A system for securely administering \^ 
commerce activities comprising a physical device including at
least a portion of a portable VDE node, said device being
configured to be compatible with seating connectors in host 
systems for supporting secure, interoperable transaction activity 
between plural parties. 

229. A method for enabling a programmable, electronic 
commerce environment characterized by the step of providing to
multiple parties secure commerce nodes that securely process 
separate, modular component billing management methods, 
budgeting management methods, metering management 
methods, and related auditing management methods and further 
characterized by the step of supporting triggering of metering, 
auditing, billing, and budgeting methods in response to electronic 
commerce event activities. 

230. A programmable, electronic commerce environment
characterized by secure commerce nodes each including: 

means for securely processing separate, modular
component billing management methods, budgeting management
methods, metering management methods, and related auditing
management methods, and

means for supporting triggering of meterij^ 
billing, and budgeting methods in response to electronic
commerce event activities.

231. An electronic commerce system including modular,
standardized control components comprising electronic commerce
event control instructions stipulated by commerce participants,
and plural electronic appliances containing one or more secure
processing units which process at least a portion of such
commerce event control instructions, said system further
containing one or more databases, operatively connected to at
least one of the secure processing units, for at least in part
securely storing at least a portion of such control instructions for
use by said at least one secure processing unit. 

232. In an electronic commerce system including modular, 
standardized control components comprising electronic commerce 
event control instructions stipulated by commerce participants, 
and plural electronic appliances containing one or more secure
processing units which process at least a portion of such 
commerce event control instructions, a method characterized by 
the step of providing one or more secure databases, operatively 
connected to at least one of the secure processing units, and at
least in part securely storing, within the secure databases, at
least a portion of such control instructions for use by said at least 
one secure processing unit. 

233. A content distribution system comprising plural
electronic appliances containing one or more interoperable secure
processing units operatively connected to one or more databases
for use with at least one of said secure processing units, said one
or more databases containing (a) one or more decryption keys for
use in decrypting distributed, encrypted digital information, and
(b) encrypted audit information, said audit information reflecting
at least one aspect of use of said distributed digital information.

234. A content distribution method comprising:

distributing plural electronic appliances containing one or
more interoperable secure processing units,

operatively connecting the appliances to one or more
databases, 

storing within said one or more databases one or more 
decryption keys, 

using the decryption keys for decrypting distributed, 
encrypted digital information, and 

storing within the one or more databases encrypted audit
information, said audit information reflecting at least one aspect
of use of said distributed digital information.

235. An electronic currency system comprising plural
electronic appliances containing (a) protected processing
environments, (b) encrypted electronic currency and related
secure control information configured so as to be useable by at
least one of said protected processing environments, and (c)
usage reporting means for securely communicating electronic 
currency usage related information from a first interoperable 
protected processing environment to a second interoperable 
protected processing environment. 

236. An electronic currency method comprising:

distributing plural, electronic appliances containing (a)
protected processing environments, (b) encrypted electronic
currency and related secure control information configured so as
to be useable by at least one of said protected processing
environments, and

securely communicating electronic currency usage related
information from a first interoperable protected processing
environment to a second interoperable protected processing
environment.

237. A method for electronic financial activities 
characterized by the steps of:

communicating digital containers containing
financial information from a first interoperable
secure node to a second interoperable secure node,

communicating modular, standard control
information to said second secure node to, at least in
part, set the conditions for use of at least a portion of
said financial information,

reporting information related to said use to said first 
interoperable secure node. 

238. A system for electronic financial activities 
characterized by: 

means for communicating digital containers containing 
financial information from a first interoperable secure node to a 
second interoperable secure node, 

means for communicating modular, standard control
information to said second secure node,

means at the second node for, at least in part, setting the
conditions for use of at least a portion of said financial
information, and

means for reporting information related to said use from
the second secure node to said first interoperable secure node. 

239. A method for electronic currency management including:

communicating encrypted electronic currency from a first,
interoperable secure user node to a second interoperable user
node using at least one secure container, and

providing secure control information for use with said at
least one secure container, said secure control information, at
least in part, maintaining conditionally anonymous currency
usage information. 

240. A system for electronic currency management
including:

means for communicating encrypted electronic currency
from a first, interoperable secure user node to a second 
interoperable user node using at least one secure container, and 

means for providing secure control information for use with 
said at least one secure container, said secure control 
information, at least in part, maintaining conditionally 
anonymous currency usage information. 

241. A method for electronic financial activities 
management characterized by the steps of: 

securely communicating from a first secure node to a 
second secure node financial information standardized control 
information for controlling the use of financial information used 
in a financial value chain,

securely communicating from said first secure node to a
third secure node said financial information standardized control
information for controlling the use of financial information used
in a financial value chain,

securely communicating encrypted financial information
from said second secure node to said third secure node, including
communicating secure control information,

processing said financial information at said third node at least
in part through the use of secure control information supplied by 
said first and said second secure nodes, wherein said 
standardized control information is at least in part stored in a 
secure database contained within said third secure node. 

242. A system for electronic financial activities 
management characterized by the steps of: 

means coupled to a first and a second secure node for 
securely communicating from said first secure node to said
second secure node financial information standardized control 
information for controlling the use of financial information used 
in a financial value chain, 

means coupled between the first secure node and a third 
secure node for securely communicating from said first secure 
node to said third secure node said financial information 
standardized control information for controlling the use of 
financial information used in a financial value chain,

means coupled between the second and third nodes for
securely communicating encrypted financial information from
said second secure node to said third secure node, including
communicating secure control information, and

means at the third node for processing said financial
information at said third node at least in part through the use of
secure control information supplied by said first and said second
secure nodes, and

a secure database at the third node for at least in part
storing said standardized control information.

243. A method of information management characterized
by the steps of creating at least one smart object at a first 
location, protecting at least a portion of said smart object 
including protecting at least one rule and/or control assigned to 
said smart object, distributing said at least one smart object to at 
least one second location, securely processing at least a portion of 
the contents of said at least one smart object at said at least one
second location in accordance with at least a portion of at least 
one said rule and/or control assigned to said smart object. 

244. An information management system characterized by:

means for creating at least one smart object at a first
location,

means for protecting at least a portion of said smart object
including means for protecting at least one rule and/or control
assigned to said smart object,

means for distributing said at least one smart object to at
least one second location, and

means for securely processing at least a portion of the
contents of said at least one smart object at said at least one
second location in accordance with at least a portion of at least
one said rule and/or control assigned to said smart object.

245. An object processing system comprising at least one 
secure object containing at least in part protected executable 
content and at least one at least in part protected rule and/or 
control associated with operations related to the execution of 
such content, and at least one secure execution environment for 
processing the executable content in accordance with at least a 
portion of at least one of said at least one associated rule and/or 
control. 

246. An object processing method comprising:

providing at least one secure object containing at least in
part protected executable content and at least one at least in part
protected rule and/or control associated with operations related
to the execution of such content,

processing, within at least one secure execution
environment, the executable content in accordance with at least a 
portion of at least one of said at least one associated rule and/or 
control. 

247. A rights distributed database environment including 
(a) means allowing one or more central authorities to establish 
control information for use of encrypted digital information, (b) 
interoperable database management systems at plural user sites 
for securely storing control information and audit information, (c)
secure communication means for securely communicating control
information and audit information between user sites, and (d)
centralized database means for compiling and analyzing usage
information from plural user sites.

248. Within a rights distributed database environment, a 
method characterized by the following steps: 

establishing control information for use of encrypted digital
information,

securely storing, within interoperable database
management systems at plural user sites, control information
and audit information,

securely communicating control information and audit
information between user sites, and

compiling and analyzing usage information from plural
user sites.

249. A method of distributed database searching 
characterized by the steps of creating at least one secure object
containing search criteria, transmitting at least one such secure
object to one or more second locations to perform database
searches in accordance with at least one rule and/or control,
processing at least one database search based at least in part on
the search criteria within a secure object in accordance with at
least a portion of at least one of the said at least one associated
rule and/or control, storing database search results in the same
and/or one or more new secure objects, and transmitting the
secure object containing search results to the first location. 

250. A method as in claim 247 further characterized by the 
additional step of associating at least one additional rule and/or 
control with the search results for establishing at least one 
condition related to the use of at least one portion of said search 
results. 

251. A system for distributed database searching 
characterized by:

means for creating at least one secure object containing
search criteria,

means for transmitting at least one such secure object to
one or more second locations to perform database searches in
accordance with at least one rule and/or control,

means for processing at least one database search based at
least in part on the search criteria within a secure object in
accordance with at least a portion of at least one of the said at 
least one associated rule and/or control, 

means for storing database search results in the same 
and/or one or more new secure objects, and 

means for transmitting the secure object containing search 
results to the first location.

252. A system as in claim 249 further characterized by 
means for associating at least one additional rule and/or control 
with the search results for establishing at least one condition 
related to the use of at least one portion of said search results. 

253. A rights management system comprising protected 
information, at least two protected processing arrangements, and 
a rights management language that allows the expression of 
permitted operations and the consequences of performing such 
operations on at least a portion of the information processed at 
least in part by at least one of the protected processing 
arrangements.

254. A rights management method comprising:

providing protected information for processing by at least
two protected processing arrangements, and

expressing, in a rights management language, permitted 
operations and the consequences of performing such operations 
on at least a portion of the information processed at least in part 
by at least one of the protected processing arrangements. 

255. A method of protecting digital information
characterized by the steps of encrypting at least a portion of the
information, using a rights management language to describe the
conditions related to use of the information, distributing at least 
a portion of such information and at least a portion of such rights 
language expressed conditions to one or more recipients, using an 
electronic appliance arrangement including at least one protected 
processing arrangement to securely govern at least a portion of 
the use of such information. 

256. A system for protecting digital information
characterized by:

means for encrypting at least a portion of the information,

means for using a rights management language to describe
the conditions related to use of the information,

means for distributing at least a portion of such
information and at least a portion of such rights language
expressed conditions to one or more recipients, and

an electronic appliance arrangement including at least one 
protected processing arrangement for securely governing at least 
a portion of the use of such information. 

257. A distributed digital information management system
comprising software components, a rights management language
for expressing processing relationships between two or more of
the software components, protected processing means for at least
a portion of the software components and at least a portion of the
rights management expressions, means for protecting content,
means for creating software objects that relate protected content
to rights management expressions, and means for delivering
protected content, rights management expressions, and such
software objects from a providing location to a user's location.

258. A distributed digital information management
method comprising:

expressing, in a rights management language, processing
relationships between two or more of the software components,

processing, within at least one protected environment, at
least a portion of the software components and at least a portion
of the rights management expressions,

protecting content,

creating software objects that relate protected content to
rights management expressions, and

delivering protected content, rights management
expressions, and such software objects from a providing location
to a user's location.

259. An authentication system comprising at least two 
electronic appliances, at least two digital certificates reflecting 
identity information encrypted using different certifying private 
keys where such certificates are stored in a first electronic
appliance, communications means for transmitting and receiving
signals between electronic appliances, means for determining
compromised and/or expired certifying private keys operatively
connected to a second electronic appliance, means for the second
electronic appliance to request transmission of one of the digital
certificates from the first electronic appliance based at least in
part on such determination, and means operatively connected to
such second electronic appliance for decrypting such certificate
and determining such certificate's validity and/or the validity of
identity information. 

260. In a system comprising at least two electronic 
appliances, an authenticating method comprising:

issuing at least two digital certificates reflecting
identification information, including the step of encrypting the
two certificates using different certifying private keys,

storing the certificates in a first electronic appliance,

transmitting and receiving signals between electronic
appliances,

determining compromised and/or expired certifying private
keys operatively connected to a second electronic appliance,

requesting, with the second electronic appliance,
transmission of one of the digital certificates from the first
electronic appliance based at least in part on such determination,

decrypting such certificate with the second electronic
appliance, and

determining such certificate's validity and/or the validity of
identity information. 

261. An authentication system comprising at least two 
electronic appliances, at least two digital certificates reflecting
identify information encrypted using different certifying private
keys where such certificates are stored in a first electronic
appliance, communications means for transmitting and receiving
signals between electronic appliances, means for a second
electronic appliance to request transmission of one of the digital
certificates from the first electronic appliance wherein the
selection of which certificate is requested is based at least in part
on a random or pseudo-random number, means operatively
connected to such second electronic appliance for decrypting such 
certificate and determining such certificate's validity and/or the 
validity of identity information. 

262. In a system comprising at least two electronic 
appliances, an authenticating method comprising:

issuing at least two digital certificates reflecting identify
information, including the step of encrypting the two digital
certificates using different certifying private keys,

storing such certificates in a first electronic appliance,

transmitting and receiving signals between electronic
appliances,

requesting, with a second electronic appliance,
transmission of one of the digital certificates from the first
electronic appliance, including the step of selecting a certificate
based at least in part on a random or pseudo-random number,

decrypting such certificate with the second electronic
appliance, and

determining such certificate's validity and/or the validity of
identity information. 

263. A method of secure electronic mail characterized by 
the steps of creating at least one electronic message using an 
interoperable protected processing environment, encrypting at
least a portion of said at least one message, securely associating
one or more sets of control information with one or more
messages to set at least one condition for the use of said at least
one message, communicating the protected electronic messages
one or more recipients having protected processing environment
securely communicating at least one set of the same or differing
control information to each recipient, enabling recipients of both
control information and protected messages to use message
information at least in part in accordance with the conditions
specified by the control information.

264. A system for secure electronic mail including multiple 
protected processing environments, the system characterized by:

a first protected processing environment for creating at
least one electronic message, the first environment including
means for encrypting at least a portion of said at least one
message, means for securely associating one or more sets of
control information with one or more messages to set at least one
condition for the use of said at least one message, and me^^
communicating the protected electronic messages to one or more
recipients having interoperable protected processing
environments,

means for securely communicating at least one set of the
same or differing control information to each recipient, and

means for enabling recipients of both
and protected messages to use message information at least in
part in accordance with the conditions specified by the control 
information. 

265. A method of information management characterized 
by the steps of protecting content from unauthorized use,
securely associating enabling control information with at least a
portion of such protected content wherein such enabling control
information incorporates information describing how the
enabling control information may be redistributed, delivering at
least a portion of the protected content to a first user, delivering
such enabling control information to such first user, receiving a
request to redistribute such enabling control information from
such first user, using the description of how enabling control
information may be redistributed to create new enabling control
information where such new enabling control information may be
the same or different than the enabling control information
received by such first user, delivering the new enabling control 
information and/or protected information to a second user. 

266. An information management system characterized by:

means for protecting content from unauthorized use,

means for securely associating enabling control
information with at least a portion of such protected content,
including means for incorporating enabling control information
describing how the enabling control information may be
redistributed,

means for delivering at least a portion of the protected
content to a first user,

means for delivering such enabling control information to
such first user,

means for receiving a request to redistribute such enabling
control information from such first user,

means for using the description of how enabling control
information may be redistributed to create new enabling control
information where such new enabling control information may be
the same or different than the enabling control information
received by such first user, and

means for delivering the new enabling control information
and/or protected information to a second user.

267. A method of controlling redistribution of distributed
digital information including the steps of encrypting digital
information, distributing said encrypted digital information from
a first party to a second party, establishing control information
regarding the redistribution of at least a portion of said encrypted
digital information from said second party to at least one third
party, regulating the redistribution of said at least a portion of
said encrypted digital information through the use of a protected 
processing environment processing said control information. 

268. A system for controlling redistribution of distributed
digital information including:

means for encrypting digital information,

means for distributing said encrypted digital information
from a first party to at least one second party,

means for establishing control information regarding the
redistribution of at least a portion of said encrypted digital
information from said second party to at least one third party,
and

a protected processing environment for processing said
control information and for regulating the redistribution of said
at least a portion of said encrypted digital information.

269. A method of controlling a robot characterized by the
steps of creating instructions for one or more robots, creating a
secure container incorporating such instructions, associating
control information with such secure container, incorporating at
least one secure processing unit into such one or more robots, and
performing at least a portion of such instructions in accordance
with at least a portion of such control information.

270. A method as in claim 267 further charac^
that such control information includes information describing the
conditions under which such instructions may be used and the
nature of audit reports required when such instructions are 
performed. 

271. A robot control system characterized by:

means for creating instructions for one or more robots,

means for creating a secure container incorporating such
instructions,

means for associating control information with such secure
container, 

means for incorporating at least one secure processing unit 
into such one or more robots, and 

means for performing at least a portion of such instructions 
in accordance with at least a portion of such control information. 

272. A system as in claim 269 further characterized by
means for creating such control information, including means for
describing the conditions under which such instructions may be
used and the nature of audit reports required when such 
instructions are performed. 

273. A method of detecting fraud in electronic commerce 
characterized by the steps of creating at least one secure
container, associating control information with such one or more
containers including control information requiring that audit
information be collected and transmitted to an auditing party,
delivering such one or more containers and such control
information to at least one user, recording information
identifying each container and each such user, receiving audit
information, creating a profile of usage based at least in part on
such received audit information and/or such control information,
detecting cases where certain audit information differs at least in
part from such profile of usage.

274. A system for detecting fraud in electronic commerce
characterized by

means for creating at least one secure container,

means for associating control information with such one or
more containers including control information requiring that
audit information be collected and transmitted to an auditing
party,

means for delivering such one or more containers and such
control information to at least one user,

means for recording information identifying each container
and each such user,

means for receiving audit information,

means for creating a profile of usage based at least in part
on such received audit information and/or such control
information, and

means for detecting cases where certain audit information 
differs at least in part from such profile of usage. 

275. A method of detecting fraud in electronic commerce 
characterized by the steps of distributing at least in part 
protected digital information to customers, distributing one or 
more rights to use at least a portion of such digital information 
across an electronic network, allowing a customer to use at least 
a part of said at least in part protected digital information
through the use of a protected processing environment and at 
least one of said one or more distributed rights, detecting 
unusual usage activity related to use of said digital information. 

276. A system for detecting fraud in electronic commerce
characterized by

means for distributing at least in part protected digital
information to customers,

means for distributing one or more rights to use at least a
portion of such digital information across an electronic network,

a protected processing environment for allowing a
customer to use at least a part of said at least in part protected
digital information through at least one of said one or more
distributed rights, and

means for detecting unusual usage activity related to use
of said digital information.

277. A programmable component arrangement comprising
a tamper resistant processing environment including a
microprocessor, memory, a task manager, memory manager and
external interface controller, means for loading arbitrary
components at least in part into the memory, means for initiating 
one or more tasks associated with processing such components, 
means for certifying the validity, integrity and/or trustedness of 
such components, means for creating arbitrary components, 
means for associating arbitrary events with such created 
components, means for certifying the validity, integrity and/or 
trustedness of such created components, and means for securely 
delivering such created components.

278. In a programmable component arrangement 
comprising a tamper resistant processing environment including 
a microprocessor, memory, a task manager, memory manager 
and an external interface controller, a processing method 
characterized by the following steps: 

creating arbitrary components,

associating arbitrary events with such created components,

loading the arbitrary components at least in part into the
memory,

initiating one or more tasks associated with processing
such loaded components,

certifying the validity, integrity and/or trustedness of such
created components, and

securely delivering such created components.

279. A distributed, protected, programmable component
arrangement comprising at least two tamper resistant processing 
environments including a microprocessor, memory, a task 
manager, memory manager and external interface controller, 
means for loading arbitrary components at least in part into the 
memory, means for initiating one or more tasks associated with
processing such components, and means for certifying the 
validity, integrity and/or trustedness of such components, said 
arrangement further comprising means for creating arbitrary 
components, means for associating arbitrary events with such 
created components, means for certifying the validity, integrity 
and/or trustedness of such created components, means for 
securely delivering such created components between at least two
of said at least two tamper resistant processing environments.

280. In a distributed, protected, programmable component 
arrangement comprising at least two tamper resistant processing
environments including a microprocessor, memory, a task
manager, memory manager and external interface controller, a
method comprising

creating arbitrary components,
certifying the validity, integrity and/or trustedness of such 
components, 

loading arbitrary components at least in part into the 
memory, 

initiating one or more tasks associated with processing 
such components, 

associating arbitrary events with such created components,
and

securely delivering such created components between at
least two of said at least two tamper resistant processing
environments.

281. An electronic appliance comprising at least one CPU, 
memory, at least one system bus, at least one protected 
processing environment, and at least one of a Rights Operating 
System or Rights Operating System layer associated with a host
operating system. 

282. An operating system comprising at least one task 
manager, at least one memory manager, at least one input/output 
manager, at least one protected processing environment, means
for detecting events, means for associating events with rights
control functions, means for performing rights control functions
at least in part within such one or more protected processing
environments.

283. In an operating system comprising at least one task
manager, at least one memory manager, at least one input/output
manager, at least one protected processing environment, an 
operating method comprising: 

detecting events, 

associating events with rights control functions, and
performing rights control functions at least in part within 
such one or more protected processing environments. 

284. A method of business automation characterized by 
the steps of creating one or more secure containers including 
accounting and/or other administrative information, associating
control information with such one or more secure containers
including a description of (a) the one or more parties to whom the
container may and/or must be delivered and/or (b) the operations
that one or more parties may and/or must perform with respect to
such accounting and/or other administrative information,
delivering one or more of such containers to one or more parties,
and enabling the description and/or enforcement of at least a
portion of such control information prior, during and/or
information by one or more parties.

285. A method as in claim 282 where such control 
information further includes at least one requirement that audit
information be collected and delivered to one or more auditing
parties, and further includes the step of delivering at least a
portion of such audit information to one or more parties. 

286. A method as in claim 283 where at least a portion of 
such audit information is automatically processed by at least one 
of such auditing parties, and further includes the step of 
transmitting further accounting, administrative and/or audit 
information to one or more parties that may be the same and/or 
differ from the one or more parties from whom audit information 
was received based at least in part on the receipt and/or content 
of such received audit information. 

287. A method as in claim 282 where at least two of such 
parties are associated with different businesses and/or other 
organizations and such control information includes information 
that at least in part describes an accounting, administrative, 
reporting and/or other audit relationship between such 
businesses and/or other organizations.

288. A method as in claim 282, 283, 284, or 285 where
some or all of such accounting and/or other administrative
information is included in such control information.

289. A business automation system characterized by:
means for creating one or more secure containers including
accounting and/or other administrative information,

means for associating, with such one or more secure 
containers, control information including a description of (a) the 
one or more parties to whom the container may and/or must be 
delivered and/or (b) the operations that one or more parties may 
and/or must perform with respect to such accounting and/or other 
administrative information, 

means for delivering one or more of such containers to one 
or more parties, and 

means for enabling the description and/or enforcement of 
at least a portion of such control information prior, during and/or 
subsequent to use of such accounting and/or other administrative
information by one or more parties. 

290. A system as in claim 287 where the associating 
means further includes means for associating at least one 
requirement that audit information be collected and delivered to
one or more auditing parties, and the delivering means includes
means for delivering at least a portion of such audit information
to one or more parties. 

291. A system as in claim 288 further including means for
automatically processing at least a portion of such audit
information, and the system further includes means for
transmitting further accounting, administrative and/or audit
information to one or more parties that may be the same and/or 
differ from the one or more parties from whom audit information 
was received based at least in part on the receipt and/or content 
of such received audit information. 

292. A system as in claim 287 where at least two of such 
parties are associated with different businesses and/or other 
organizations and the associating means includes means for 
generating control information including information that at
least in part describes an accounting, administrative, reporting 
and/or other audit relationship between such businesses and/or 
other organizations. 

293. A system as in claim 286, 287, 288, or 290 where 
some or all of such accounting and/or other administrative 
information is included in such control information.

294. A method of distributing content characterized by the
steps of creating one or more first secure containers, associating 
control information with such first containers including 
information describing the conditions under which some or all of 
the content of such first containers may be extracted, delivering 
at least a portion of such first containers and such control
information to one or more parties, detecting a request by one or
more of such parties to extract some or all of the content of such
first containers, determining if such request is permitted in whole
or in part by such control information, to the extent permitted by
such control information creating one or more second secure
containers in accordance with such request and such control 
information, associating control information with such one or 
more second secure containers based at least in part on control 
information associated with such first containers. 

295. A system for distributing content characterized by:
means for creating one or more first secure containers,
means for associating control information with such first
containers including information describing the conditions under
which some or all of the content of such first containers may be
extracted,

means for delivering at least a portion of such first
containers and such control information to one or more parties,

means for detecting a request by one or more of such
parties to extract some or all of the content of such first 
containers, 

means for determining if such request is permitted in
whole or in part by such control information, to the extent
permitted by such control information creating one or more
second secure containers in accordance with such request and
such control information, and

means for associating control information with such one or
more second secure containers based at least in part on control 
information associated with such first containers. 

296. A method of distributing content characterized by the 
steps of creating one or more first secure containers, associating 
control information with such first secure containers including
information describing the conditions under which such first
secure containers (a) may in whole or in part be embedded into
and/or securely associated with one or more second secure
containers and/or (b) may allow one or more secure containers to 
be in whole or in part embedded into and/or securely associated 
with such first secure containers, delivering at least a portion of 
such first secure containers and such control information to one 
or more parties, detecting a request by one or more of such 
parties or by additional parties to (a) in whole or in part embed 
into and/or securely associate with such first containers one or
more second containers and/or (b) in whole or in part embed into
and/or securely associate with a secure container such first 
secure containers, determining if such request is permitted by 
control information, to the extent permitted by control 
information performing one or more embedding and/or secure 
association operations, to the extent required by control 
information and/or requested by one or more of such parties, 
modifying and/or creating new control information at least in 
part as a consequence of such one or more embedding and/or 
secure association operations. 

297. A system for distributing content characterized by 
means for creating one or more first secure containers, 
means for associating control information with such first 
secure containers including information describing the conditions 
under which such first secure containers (a) may in whole or in 
part be embedded into and/or securely associated with one or 
more second secure containers and/or (b) may allow one or more 
secure containers to be in whole or in part embedded into and/or
securely associated with such first secure containers, 

means for delivering at least a portion of such first secure 
containers and such control information to one or more parties, 

means for detecting a request by one or more of such 
parties to (a) in whole or in part embed into and/or securely 
associate with such first containers one or more second
containers and/or (b) in whole or in part embed into and/or
securely associate with a secure container such first secure
containers, and 

means for determining if such request is permitted by 
control information, to the extent permitted by control
information performing one or more embedding and/or secure
association operations, to the extent required by control 
information and/or requested by one or more of such parties, 
modifying and/or creating new control information at least in 
part as a consequence of such one or more embedding and/or 
secure association operations. 

298. A method of distributing information characterized by 
the steps of protecting information from unauthorized use,
associating control information with such protected information,
delivering at least a portion of such protected information to one
or more parties using plural pathways, delivering at least a
portion of such control information to one or more parties using
the same or different plural pathways, enabling at least one of
such parties to make at least some use of such protected
information delivered using a first pathway in accordance with
control information at least a portion of which is delivered using
a second pathway.

299. A method as in claim 296 in which at least one of
such pathways of delivering protected information and/or control
information is described by such control information.

300. A system for distributing information characterized
by:

means for protecting information from unauthorized use,

means for associating control information with such 
protected information, 

means for delivering at least a portion of such protected 
information to one or more parties using plural pathways, 

means for delivering at least a portion of such control
information to one or more parties using the same or different 
plural pathways, 

means for enabling at least one of such parties to make at
least some use of such protected information delivered using a
first pathway in accordance with control information at least a
portion of which is delivered using a second pathway. 

301. A system as in claim 298 wherein the delivering
means includes means for delivering, over at least one of such
pathways, protected information and/or control information
described by such control information.

302. A method of distributing information
the steps of protecting information from

associating control information with such protected information
including information requiring the collection of audit
information, enabling one or more parties to receive and/or
process audit information, delivering at least a portion of such
protected information and such control information to one or
more parties, enabling at least some use of such protected
information in accordance with at least a portion of such control
information that requires the collection of audit information,
delivering such audit information to one or more of such enabled
auditing parties different from such delivering party or parties.

303. A method as in claim 300 in which at least one of 
such auditing parties is specified in such control information. 

304. A system for distributing information characterized
by

means for protecting information from unauthorized use,
means for associating control information with such
protected information including information requiring the
collection of audit information,

means for enabling one or more parties to receive and/or
process audit information,

means for delivering at least a portion of such protected
information and such control information to one or more parties,

means for enabling at least some use of such protected
information in accordance with at least a portion of such control
information that requires the collection of audit information, and

means for delivering such audit information to one or more
of such enabled auditing parties different from such delivering
party or parties.

305. A system as in claim 302 in which at least one of such 
auditing parties is specified in such control information. 

306. A secure component-based operating process
including:

(a) retrieving at least one component;

(b) retrieving a record that specifies a component
assembly;

(c) checking said component and/or said record for validity;

(d) using said component to form said component assembly
in accordance with said record; and 

(e) performing a process based at least in part on said 
component assembly. 

307. A process as in claim 304 wherein said step (c)
further comprises executing said component assembly.

308. A process as in claim 304 wherein said component
comprises executable code. 

309. A process as in claim 304 wherein said component 
comprises a load module. 

310. A process as in claim 304 wherein:
said record comprises: 

(i) directions for assembling said component 
and 

(ii) information that at least in part specifies a control; 
and 

said process further comprises controlling said step (d)
and/or said step (e) based at least in part on said control. 

311. A process as in claim 304 wherein said component
has a security wrapper, and said controlling step comprises 
selectively opening said security wrapper based at least in part 
on said control. 

312. A process as in claim 304 wherein: 

said permissions record includes at least one decryption 
key; and 

said controlling step includes controlling use of said
decryption key.

313. A process as in claim 304 including performing at
least two of said steps (a) and (e) within a protected processing
environment. 

314. A process as in claim 304 including performing at 
least two of said steps (a) and (e) at least in part within tamper- 
resistant hardware. 

315. A method as in claim 304 wherein said performing 
step (e) includes metering usage. 

316. A method as in claim 304 wherein said performing 
step (e) includes auditing usage. 

317. A method as in claim 304 wherein said performing 
step (e) includes budgeting usage. 

318. A secure component operating system process
including:

receiving a component;

receiving directions specifying use of said component to
form a component assembly;

authenticating said received component and/or said
directions;

forming, using said component, said component assembly
based at least in part on said received directions; and 

using said component assembly to perform at least one 
operation. 

319. A method comprising performing the following steps 
within a secure operating system environment: 

providing code; 

providing directions specifying assembly of said code into
an executable program;

checking said received code and/or said assembly directions
for validity; and

in response to occurrence of an event, assembling said code 
in accordance with said received assembly directions to form an 
assembly for execution. 

320. A method for managing at least one resource with a 
secure operating environment, said method comprising: 

securely receiving a first control from a first entity external 
to said operating environment; 

securely receiving a second control from a second entity 
external to said operating environment, said second entity being
different from said first entity;

securely processing, using at least one resource, a data
item associated with said first and second controls; and

securely applying said first and second controls to manage
said resource for use with said data item. 

321. A method for securely managing at least one 
operation on a data item performed at least in part by an 
electronic arrangement, said method comprising:

(a) securely delivering a first procedure to said electronic
arrangement;

(b) securely delivering, to said electronic arrangement, a
second procedure separable or separate from said first procedure;

(c) performing at least one operation on said data item,
including using said first and second procedures in combination
to at least in part securely manage said operation; and

(d) securely conditioning at least one aspect of use of said
data item based on said delivering steps (a) and (b) having
occurred.

322. A method as in claim 319 including performing said 
delivering step (b) at a time different from the time said 
delivering step (a) is performed. 

323. A method as in claim 319 wherein said step (a) 
includes delivering said first procedure from a first source, and
said step (b) includes delivering said second procedure from a
second source different from said first source.

324. A method as in claim 319 further including ensuring
the integrity of said first and second procedures.

325. A method as in claim 319 further including validating
each of said first and second procedures.

326. A method as in claim 319 further including
authenticating each of said first and second procedures.

327. A method as in claim 319 wherein said using step (c)
includes executing at least one of said first and second procedures
within a tamper-resistant environment.

328. A method as in claim 319 wherein said step (c)
includes the step of controlling said data item with at least one of
said first and second procedures.

329. A method as in claim 319 further including
establishing a relationship between at least one of said first and
second procedures and said data item.

330. A method as in claim 319 further including
establishing correspondence between said data item and at least
one of said first and second procedures.

331. A method as in claim 319 wherein said delivering
step (b) comprises delivering at least one load module encrypted
at least in part.

332. A method as in claim 329 wherein said delivering
step (a) comprises delivering at least one further load module
encrypted at least in part.

333. A method as in claim 319 wherein said delivering
step (b) comprises delivering at least one content container 
carrying at least in part secure control information. 

334. A method as in claim 319 wherein said delivering 
step (b) comprises delivering a control method and at least one 
further method. 

335. A method as in claim 319 wherein said delivering
step (a) includes:

encrypting at least a portion of said first procedure,

communicating said at least in part encrypted first
procedure to said electronic arrangement,

decrypting at least a portion of said first procedure at least
in part using said electronic arrangement, and

validating said first procedure with said electronic
arrangement.

336. A method as in claim 319 wherein said delivering
step (b) includes delivering at least one of said first and second
procedures within an administrative object.

337. A method as in claim 319 wherein said delivering
step (b) includes codelivering said second procedure in at least in
part encrypted form with said data item.

338. A method as in claim 319 wherein said performing 
step includes metering usage. 

339. A method as in claim 319 wherein said performing
step includes auditing usage.

340. A method as in claim 319 wherein said performing
step includes budgeting usage. 

341. A method for securely managing at least one
operation performed at least in part by a secure electronic
appliance, comprising:

(a) selecting an item that is protected with respect to at
least one operation;

(b) securely independently delivering plural separate
procedures to said electronic appliance;

(c) using said plural separate procedures in combination to
at least in part securely manage said operation with respect to
said selected item; and

(d) conditioning successful completion of said operation on 
said delivering step (b) having occurred. 

342. A method for processing based on deliverables 
comprising: 

securely delivering a first piece of code defining a first part 
of a process; 

separately, securely delivering a second piece of code
defining a second part of said process; 

ensuring the integrity of the first and second delivered 
pieces of code; and 

performing said process based at least in part on said first 
and second delivered code pieces.

343. A method as in claim 340 wherein a first piece of code 
for said process at least in part controls decrypting content. 

344. A method as in claim 340 wherein said ensuring step 
includes validating said first and second pieces of code.

345. A method as in claim 340 wherein said ensuring step
includes validating said first and second pieces of code relative to
one another.

346. A method as in claim 340 wherein said performing
step includes metering usage.

347. A method as in claim 340 wherein said performing
step includes auditing activities.

348. A method as in claim 340 wherein said performing
step includes budgeting usage. 

349. A method as in claim 340 wherein said performing 
step includes electronically processing content based on electronic 
controls. 

350. A method of securely controlling at least one
protected operation with respect to a data item comprising:

(a) supplying at least a first control from a first party;

(b) supplying at least a second control from a second party
different from said first party;

(c) securely combining said first and second controls to
form a set of controls;

(d) securely associating said control set with said data
item; and

(e) securely controlling at least one protected operation
with respect to said data item based on said control set.

351. A method as in claim 348 wherein said data item is 
protected. 

352. A method as in claim 348 wherein at least one of said 
plural controls includes a control relating to metering at least one
aspect of use of said protected data item.

353. A method as in claim 348 wherein at least one of said 
plural controls include a control relating to budgeting at least one 
aspect of use of said protected data item. 

354. A secure method for combining data items into a
composite data item comprising:

(a) securely providing a first data item having at least a
first control associated therewith;

(b) securely providing a second data item having at least a
second control associated therewith;

(c) forming a composite of said first and second data
items;

(d) securely combining said first and second controls into a
composite control set; and

(e) performing at least one operation on said composite of
said first and second data items based at least in part on said
composite control set.

355. A method as in claim 352 wherein said combining 
step includes preserving each of said first and second controls in 
said composite set. 

356. A method as in claim 352 wherein said performing
step comprises governing the operation on said composite of said
first and second data items in accordance with said first control
and said second control.

357. A method as in claim 352 wherein said providing step
includes ensuring the integrity of said association between said
first controls and said first data item is maintained during at
least one of transmission, storage and processing of said first
data item.

358. A method as in claim 352 wherein said providing step
comprises delivering said first data item separately from said
first control.

359. A method as in claim 352 wherein said providing step
comprises codelivering said first data item and said first control.

360. A secure method for controlling a protected operation 
comprising: 

(a) delivering at least a first control and a second control;
and

(b) controlling at least one protected operation based at
least in part on a combination of said first and second controls,
including at least one of the following steps:

resolving at least one conflict between said first and
second controls based on a predefined order;

providing an interaction with a user to form said
combination; and

dynamically negotiating between said first and second
controls.

361. A method as in claim 358 wherein said controlling
step (b) includes controlling decryption of electronic content.

362. A method as in claim 358 further including:
receiving protected electronic content from a party; and

authenticating the identity of said party prior to using said 
received protected electronic content.

363. A secure method comprising:

selecting protected data;

extracting said protected data from an object;

identifying at least one control to manage at least one
aspect of use of said extracted data;

placing said extracted data into a further object; and
associating said at least one control with said further
object.

364. A method as in claim 361 further including limiting
at least one aspect of use of said further object based on said at
least one control.

365. A secure method of modifying a protected object
comprising:

(a) providing a protected object; and

(b) embedding at least one additional element into said
protected object without unprotecting said object.

366. A method as in claim 60 further including:

associating at least one control with said object; and

limiting usage of said element in accordance with said
control.

367. A method as in claim 363 further including a
permissions record within said object.

368. A method as in claim 364 further including at least in
part encrypting said object.

369. A method for managing at least one resource with a
secure operating environment, said method comprising:

securely receiving a first load module from a first entity
external to said operating environment;

securely receiving a second load module from a second
entity external to said operating environment, said second entity
being different from said first entity;

securely processing, using at least one resource, a data
item associated with said first and second load modules; and

securely applying said first and second load modules to
manage said resource for use with said data item.

370. A method for negotiating electronic contracts,
comprising:

receiving a first control set from a remote site;

providing a second control set;

performing, within a protected processing environment, an
electronic negotiation between said first control set and said
second control set, including providing interaction between said
first and second control sets; and

producing a negotiated control set resulting from said
interaction between said first and second control sets.

371. A system for supporting electronic commerce
including:

means for creating a first secure control set at a first
location;

means for creating a second secure control set at a second
location;

means for securely communicating said first secure control
set from said first location to said second location; and

means at said second location for securely integrating said
first and second control sets to produce at least a third control set
comprising plural elements together comprising an electronic
value chain extended agreement.

372. A system for supporting electronic commerce
including:

means for creating a first secure control set at a first
location;

means for creating a second secure control set at a second
location;

means for securely communicating said first secure control
set from said first location to said second location; and

negotiation means at said second location for negotiating
an electronic contract through secure execution of at least a
portion of said first and second secure control sets.

373. A system as in claim 370 further including means for
controlling use by a user of protected information content based
on at least a portion of said first and/or second control sets.

374. A system as in claim 370 further including means for
charging for at least a part of said content use.

375. A secure component-based operating system
including:

component retrieving means for retrieving at least one
component;

record retrieving means for retrieving a record that
specifies a component assembly;

checking means, operatively coupled to said component
retrieving means and said record retrieving means, for checking
said component and/or said record for validity;

using means, coupled to said checking means, for using
said component to form said component assembly in accordance
with said record; and

performing means, coupled to said using means, for
performing a process based at least in part on said component
assembly.

376. A secure component-based operating system
including:

a database manager that retrieves, from a secure database,
at least one component and at least one record that specifies a
component assembly;

an authenticating manager that checks said component
and/or said record for validity;

a channel manager that uses said component to form said
component assembly in accordance with said record; and

an execution manager that performs a process based at
least in part on said component assembly.

377. A secure component operating system including:

means for receiving a component;

means for receiving directions specifying use of said
component to form a component assembly;

means, coupled to said receiving means, for authenticating
said received component and/or said directions;

means, coupled to said authenticating means, for forming,
using said component, said component assembly based at least in
part on said received directions; and

means, coupled to said forming means, for using said
component assembly to perform at least one operation.

378. A secure component operating environment
including:

a storage device that stores a component and directions
specifying use of said component to form a component assembly;

an authenticating manager that authenticates said
component and/or said directions;

a channel manager that forms, using said component, said
component assembly based at least in part on said directions; and

a channel that executes said component assembly to
perform at least one operation.

379. A secure operating system environment comprising:

a storage device that stores code and directions specifying
assembly of said code into an executable program;

a validating device that checks said received code and/or
said assembly directions for validity; and

an event-driven channel that, in response to occurrence of
an event, assembles said code in accordance with said assembly
directions to form an assembly for execution.

380. A secure operating environment system for managing
at least one resource comprising:

a communications arrangement that securely receives a
first control from a first entity external to said operating
environment, and securely receives a second control from a
second entity external to said operating environment, said second
entity being different from said first entity; and

a protected processing environment, coupled to said
communications arrangement, that:

(a) securely processes, using at least one resource, a data
item associated with said first and second controls, and

(b) securely applies said first and second controls to
manage said resource for use of said data item.

381. A system for negotiating electronic contracts,
comprising:

a storage arrangement that stores a first control set
received from a remote site, and stores a second control set;

a protected processing environment, coupled to said
storage arrangement, that:

(a) performs an electronic negotiation between said
first control set and said second control set,

(b) provides interaction between said first and
second control sets, and

(c) produces a negotiated control set resulting from
said interaction between said first and second control sets.

382. A system as in claim 379 further including means for
electronically enforcing said negotiated control set.

383. A system as in claim 379 further including means for
generating an electronic contract based on said negotiated control
set.

384. A method for supporting electronic commerce
including:

creating a first secure control set at a first location;

creating a second secure control set;

electronically negotiating, at said location different from
said first location, an electronic contract, including the step of
securely executing at least a portion of said first and second
control sets.

385. An electronic appliance comprising:

a processor; and

at least one memory device connected to said processor;

wherein said processor includes:

retrieving means for retrieving at least one component,
and at least one record that specifies a component assembly, from
said memory device,

checking means coupled to said retrieving means for
checking said component and/or said record for validity, and

using means coupled to said retrieving means for using
said component to form said component assembly in accordance
with said record.

386. An electronic appliance comprising:

at least one processor;

at least one memory device connected to said processor;
and

at least one input/output connection operatively coupled to
said processor,

wherein said processor at least in part executes a rights
operating system to provide a secure operating environment
within said electronic appliance.

387. An electronic appliance as in claim 384 wherein said
processor includes means for providing a channel, said channel
assembling independently deliverable components into a
component assembly and executing said component assembly.

388. An electronic appliance as in claim 384 further
including a secondary storage device coupled to said processor,
said secondary storage device storing a secure database, said
processor including means for decrypting information obtained
from said secure database and for encrypting information to be
written to said secure database.

389. An electronic appliance as in claim 384 wherein said
processor and said memory device are disposed in a secure,
tamper-resistance encapsulation.

390. An electronic appliance as in claim 384 wherein said
processor includes a hardware encryptor/decryptor.

391. An electronic appliance as in claim 384 wherein said
processor includes a real time clock.

392. An electronic appliance as in claim 384 wherein said
processor includes a random number generator.

393. An electronic appliance as in claim 384 wherein said
memory device stores audit information.

394. A method for auditing the use of at least one resource
with a secure operating environment, said method comprising:

securely receiving a first control from a first entity external
to said operating environment;

securely receiving a second control from a second entity
external to said operating environment, said second entity being
different from said first entity;

using at least one resource;

securely sending to said first entity in accordance with said
first control, first audit information concerning use of said
resource; and

securely sending to said second entity in accordance with
said second control, second audit information concerning use of
said resource, said second audit information being at least in part
different from said first audit information.

395. A method for auditing the use of at least one resource
with a secure operating environment, said method comprising:

securely receiving first and second control alternatives
from an entity external to said operating environment;

selecting one of said first and second control alternatives;

using at least one resource;

if said first control alternative is selected by said selecting
step, securely sending to said entity in accordance with said first
control alternative, first audit information concerning use of said
resource; and

if said second control alternative is selected by said
selecting step, securely sending to said second entity in
accordance with said second control alternative, second audit
information concerning use of said resource, said second audit
information being at least in part different from said first audit
information.

396. A method and/or system for enabling a sale of
protected digital information that has been previously distributed
to users, the method or system being characterized by a secure
element that selectively controls access to the protected digital
information based on electronic controls associated with the
information.
397. A distributed, secure electronic point of sale system or
method characterized by a secure processing element for
selectively releasing goods and/or services in exchange for
compensation.

398. In a distributed digital network, an advertising
method characterized by the steps of tracking usage of digital
information that has associated with it one or more controls with
respect to access to and/or usage of said information; and
targeting advertising messages based at least in part on said
tracking.

399. A distributed electronic advertising system
characterized in that the system uses a distributed network of
interoperable protected processing environments to at least in
part deliver advertising to users.

400. A distributed, secure, virtual black box comprised of
nodes located at VDE content container creators, other content
providers, client users, and recipients of secure VDE content
usage information) site, the nodes of said virtual black box
including a secure subsystem having at least one secure
hardware element such as a semiconductor element or other
hardware module for securely executing VDE control processes,
said secure subsystems being distributed at nodes along a
pathway of information storage, distribution, payment, usage,
and/or auditing.

401. A protected processing system or method providing
multiple currencies and/or payment arrangements for the secure
processing and releasing of protected digital information.



402. A distributed secure method or system characterized
in that a user's age is used as a criteria for electronically,
securely releasing information and/or resources to the user.

403. A method of renting an electronic appliance defining
a secure processing environment.

404. A virtual distribution environment providing any one
or more of the following features and/or elements and/or
combinations thereof

a configurable protected, distributed event management
system; and/or

a trusted, distributed transaction and storage management
arrangement; and/or

plural pathways for providing information, for control
information, and/or for reporting; and/or

multiple payment methods; and/or

multiple currencies; and/or

EDI; and/or

Electronic banking; and/or

electronic document management; and/or

electronic secure communication; and/or

e-mail; and/or

distributed asynchronous reporting; and/or

combination asynchronous and online management; and/or

privacy control by users; and/or

testing; and/or

using age as a class; and/or

appliance control (renting, etc.); and/or

telecommunications infrastructure; and/or

games management; and/or

extraction of content from an electronic container; and/or

embedding of content into an electronic container; and/or

multiple certificate to allow for breach of a key; and/or

virtual black box; and/or

independence of control information from content; and/or

multiple, separate, simultaneous control sets for one digital
information property; and/or

updating control information for already distributed digital
information; and/or

organization information management; and/or

coupled external and organization internal chain of
handling and control; and/or

a content usage consequence management system
(reporting, payment, etc., multiple directions); and/or

a content usage reporting system providing differing audit
information and/or reduction going to multiple parties holding
rights in content; and/or

an automated remote secure object creation system; and/or

infrastructure background analysis to identify improper
use; and/or

seniority of control information system; and/or

secure distribution and enforcement of rules and controls
separately from the content they apply to; and/or

redistribution management by controlling the rights and/or
number of copies and or pieces etc. that may be redistributed;
and/or

an electronic commerce taxation system; and/or

an electronic shopping system; and/or

an electronic catalog system; and/or

a system handling electronic banking, electronic shopping,
and electronic content usage management; and/or

an electronic commerce multimedia system; and/or 

a distributed, secure, electronic point of sale system; and/or 

advertising; and/or 

electronics rights management; and/or 

a distributed electronic commerce system; and/or 

a distributed transaction system or environment; and/or 

a distributed event management system; and/or 

a distributed right systems. 

405. A Virtual Distribution Environment substantially as 
shown in Figure 1. 

406. An "Information Utility" substantially as shown in
Figure 1A.

407. A chain of handling and control substantially as 
shown in Figure 1. 

408. Persistent rules and control information substantially 
as shown in Figure 2A. 

409. A method of providing different control information
substantially as shown in Figure 1.

410. Rules and/or control information substantially as
shown in Figure 4.

411. An object substantially as shown in Figures 5A and
5B.

412. A Secure Processing Unit substantially as shown in
Figure 6.

413. An electronic appliance substantially as shown in
Figure 7.

414. An electronic appliance substantially as shown in
Figure 8.

415. A Secure Processing Unit substantially as shown in
Figure 9.

416. A "Rights Operating System" ("ROS") architecture
substantially as shown in Figure 10.

417. Functional relationship(s) between applications and
the Rights Operating System substantially as shown in Figures
11A-11C.

418. Components and component assemblies substantially
as shown in Figures 11D-11J.

419. A Rights Operating System substantially as shown in
FIGURE 12.

420. A method of objection creation substantially as shown
in Figure 12A.

421. A "protected processing environment" software
architecture substantially as shown in Figure 13.

422. A method of supporting a channel substantially as
shown in Figure 15.

423. A channel header and channel detail record
substantially as shown in Figure 15A.

424. A method of creating a channel substantially as
shown in Figure 15B.

425. A secure data base substantially as shown in Figure
16.

426. A logical object substantially as shown in Figure 17.

452. An event method substantially as shown in
FIGURES 53A-53B.

453. A billing method substantially as shown in FIGURE
53C.

454. An extract method substantially as shown in
FIGURE 57A.

455. An embed method substantially as shown in FIGURE
57A.

456. An obscure method substantially as shown in
FIGURE 58A.

457. A fingerprint method substantially as shown in
FIGURE 58B.

458. A fingerprint method substantially as shown in
FIGURE 58C.

459. A meter method substantially as shown in FIGURE
6.

460. A key "convolution" process substantially as shown in
FIGURE 62.

461. A process of generating different keys using a key
convolution process to determine a "true" key substantially as
shown in FIGURE 63.

462. A process of initializing protected processing
environment keys substantially as shown in FIGURES 64 and/or
65.

463. A process for decrypting information contained within
stationary objects substantially as shown in FIGURE 66.

464. A process for decrypting information contained within
traveling objects substantially as shown in FIGURE 67.

465. A process for initializing a protected processing
environment substantially as shown in FIGURE 68.

466. A process of downloading firmware into a protected
processing environment substantially as shown in FIGURE 69.

467. Multiple VDE electronic appliances connected together with
a network or other communications means substantially as
shown in FIGURE 70.

468. A portable VDE electronic appliance substantially as
shown in FIGURE 71.

469. "Pop-up" displays that may be generated by the user
notification and exception interface substantially as shown in
Figures 72A-72D.

470. A smart object substantially as shown in FIGURE 73.

471. A method of processing smart objects substantially as
shown in FIGURE 74.

472. Electronic negotiation substantially as shown in any
of FIGURES 75A-75D.

473. An electronic agreement substantially as shown in
FIGURES 75E-75F.

474. Electronic negotiation processes substantially as
shown in any of FIGURES 76A-76B.

475. A chain of handling and control substantially as
shown in FIGURE 77.

476. A VDE "repository" substantially as shown in
FIGURE 78.

477. A process of using a chain of handling and control to
evolve and transform VDE managed content and control
information substantially as shown in any or all of FIGURES
79-83.

478. A chain of handling and control involving several
categories of VDE participants substantially as shown in
FIGURE 84.

479. A chain of distribution and handling within an
organization substantially as shown in FIGURE 85.

480. A chain of handling and control substantially as
shown in Figures 86 and/or 86A.

481. A virtual silicon container model substantially as
shown in Figure 87.

482. A method of business automation characterized by
the steps of (a) creating one or more secure containers including
encrypted accounting and/or other administrative information
content, (b) associating control information with one or more of
such one or more secure containers including a description of (i)
the one or more parties whom may use one or more of the one or
more containers, and (ii) the operations that will be performed for
one or more parties with respect to such accounting and/or other
administrative information, (c) electronically delivering one or
more of such one or more containers such to one or more parties,
and (d) enabling through the use of a protected processing
environment the enforcement of at least a portion of such control
information.

483. A business automation system characterized by:

means for providing at least one secure container including
administrative information content having control information
associated therewith, and

a protected processing environment for enforcing, at least
in part, the control information.

484. A business automation system comprising (a)
distributed, interoperable protected processing environment
installations, (b) secure containers for distribution of digital
information, (c) control information supporting the automation of
chain of handling and control functions.

485. A method of business automation characterized by
the steps of providing interoperable protected processing
environment nodes to plural parties, communicating first
encrypted digital information from a first party to a second party,
communicating second encrypted digital information including at
least a portion of said first communicated digital information
and/or information related to the use of said first digital
information, to a third party different from said first or second
parties, wherein use of said second encrypted digital information
is regulated, at least in part, by an interoperable protected
processing environment available to said third party.

486. A business automation system characterized by:

plural protected processing environment nodes,

means for communicating digital information between the
nodes, and

wherein at least one of the nodes includes means for
regulating the use of said communicated digital information.

487. A method for chain of handling and control
characterized by the steps of (a) a first party placing protected
digital information into a first software container and stipulating
rules and controls governing use of at least a portion of said
digital information, (b) providing said software container to a
second party, wherein said second party places said software
container into a further software container and stipulates rules
and controls for at least in part managing use of at least a portion
of said digital information and/or said first software container by
a third party,

488. A chain of handling and control system characterized
by:

means for placing digital information into a first software
container and for stipulating rules and/or controls governing use
of at least a portion of said digital information, and

means for placing said software container into a further
software container and for stipulating further rules and/or
controls for at least in part managing use of at least a portion of
said digital information and/or said first software container.

489. A system for chain of handling and control including
(a) a first container containing at least in part protected digital
information, (b) at least in part protected control information
stipulated by a first party establishing conditions for use of at
least a portion of said digital content, (c) a second container
different from said first container, said second container
containing said first container, (d) control information stipulated

and advertising information, (b) means to monitor viewing of at
least a portion of said advertising information, (c) means to
charge for user viewing of at least a portion of said advertising
information, (d) means to securely communicate information
based upon said viewing in a secure container, and (e) control
information related to said containerized digital information for
managing the communication of said information based upon
said viewing.

493. A method for electronic advertising characterized by
the steps of (a) containerizing digital information including both
content and advertising information, (b) monitoring user viewing
of at least a portion of said advertising information, (c) charging
for user viewing of at least a portion of said advertising
information, (d) securely communicating information based upon
said viewing in a secure container, and (e) at least in part
managing, through the use of control information related to said
advertising information, the communication of information based
upon said viewing.

494. A method of clearing transaction information
characterized by the steps of (a) securely distributing digital
information to a first user of an interoperable protected
processing environment, (b) securely distributing further digital
information to a user of an interoperable protected processing
environment different

information related to usage of said digital information, (d)
receiving information related to usage of said further digital
information, and (e) processing information received according to
steps (c) and (d) to perform at least one of (i) an administrative,
or (ii) an analysis, function.

495. A system for clearing transaction information
including (a) a first container containing at least in part
protected digital information and associated control information,
(b) a second secure container containing further at least in part
protected digital information and associated control information,
(c) means to distribute said first and second containers to users,
(d) communication means for communicating information at least
in part derived from user usage of said first container digital
information, (e) communication means for communicating
information at least in part derived from user usage of said
second container digital information, (f) processing means at a
clearinghouse site for receiving the information communicated
through steps (d) and (e), wherein said processing means perform
administrative and/or analysis processing of at least a portion of
said communicated information.

496. A method for clearinghouse analysis characterized by
the steps of: (a) enabling plural independent clearinghouses for
administrating and/or analyzing usage of distributed, at least in
part protected, digital information, (b) providing interoperable
protected processing environments to plural, independent users,
and (c) enabling a user to select a clearinghouse for use with an
interoperable protected processing environment.

497. A system for clearinghouse analysis including (a)
plural independent clearinghouses for administrating and/or
analyzing usage of distributed, at least in part protected, digital
information, (b) at least one interoperable protected processing
environments at each of plural user locations, (c) selecting means
for enabling a user to select one of said plural independent
clearinghouse to perform payment and/or analysis functions
related to the use of at least a portion of said at least in part
protected, digital information.

498. A method of electronic advertising characterized by
the steps of

creating one or more electronic advertisements,
one or more secure containers including at least a portion of such
advertisements,

associating control information with such advertisements
including control information describing at least one of: (a)
reporting at least some advertisement usage information to one
or more content providers, advertisers and/or agents, (b)
providing one or more credits to a user based on such user's
viewing and/or other usage of such advertisements, (c) reporting
advertisement usage information to one or more market analysts,
(d) providing a user with ordering information for and/or means
for ordering one of more products and/or services, and/or (e)
providing one or more credits to a content provider based on one
or more users' viewing and/or other usage of such
advertisements,

providing such containers and such control information to
one or more users,

enabling such users to use such containers at least in part
in accordance with such control information.

499. A system for electronic advertising including (a)
means to provide digital information to users for their use, (b)
means to provide advertising content to said users in
combination with said digital information, (c) means to audit use
of said digital information, (d) means to acquire usage
information regarding use of advertising content, (e) means to
securely report information based upon said advertising content
usage information, and (f) compensating at least one content
provider at least in part based upon use of such advertising
content.

500. A system for chain of handling and control including
(a) a first container containing at least in part protected digital
information, (b) at least in part protected control information
stipulated by a first party establishing condition for use of at
least a portion of said digital content, (c) a second container
different from said first container, said second container
containing said first container, and (d) control information
stipulated independently by a second party for at least in part
setting conditions for managing use of the contents of said second
container.

501. A method of operating a clearinghouse characterized 
by the steps of receiving usage information related at least in 
part to use of secure containers from plural parties, determining 
payments due to one or more parties based at least in part on 
such usage information, performing and/or causing to be 
performed transactions resulting in payments to such parties 
based at least in part on such determinations. 

502. An electronic clearinghouse comprising: 

means for receiving usage information related at least in 
part to use of secure containers from plural parties, 

means for determining payments due to one or more 
parties based at least in part on such usage information. 

means for performing and/or causing to be performed 
transactions resulting in payments to such parties based at least 
in part on such determinations. 

503. A method of operating a clearinghouse characterized 
by the steps of receiving usage information related at least in 
part to use of secure containers from plural parties, determining 
reports of usage for one or more parties based at least in part on 
such usage information, creating and/or causing to be created 
reports of usage based at least in part on such determination, 
delivering at least one of such reports to at least one of such 
parties. 

504. A method of operating a clearinghouse characterized 
by the steps of receiving permissions and/or other control 
information from one or more content providers including 
information that enables delivery of at least one right in at least 
one secure container to other parties, receiving requests from 
plural parties for one or more rights in one or more secure 
containers, delivering permissions and/or other control 
information to such parties based at least in part on such 
requests. 

505. A method of operating a clearinghouse characterized 
by the steps of receiving information from one or more parties 
establishing a party's identity information, creating one or more 
electronic representations of at least a portion of such identity 
information for use in enabling and/or withholding at least one 
right in at least one secure container, performing an operation to 
certify such electronic representations, delivering such electronic 
representations to such party. 

506. A method of operating a clearinghouse characterized 
by the steps of receiving a request for credit from a party for use 
with secure containers, determining an amount of credit based at 
least in part on such request, creating control information related 
to such an amount, delivering such control information to such 
user, receiving usage information related to use of such credit, 
performing and/or causing to be performed at least one 
transaction associated with collecting payment from such user. 

507. A method for contributing secure control information 
with respect to an electronic value chain wherein control 
information is contributed by a party not directly participating in 
said value chain, comprising steps of: aggregating said 
contributed control information with control information 
associated with digital information stipulated by one or more 
parties in an electronic value chain, said aggregate control 
information at least in part managing conditions related to the 
use of at least a portion of said digital information. 

508. A method for [illegible] the paying 
associated with commercial events wherein secure control 
information for automatically governing tax payments for said 
commercial events is contributed by a party comprising steps of: 
aggregating said secure control information with control 
information that has been contributed by a separate party and 
controlling at least one condition for use of digital information. 

509. A method for general purpose reusable electronic 
commerce arrangement characterized by the steps of: 

(a) providing component structures, modular methods that 
can be configured together to comprise event controlled 

(b) providing integrateable protected processing 
environments to plural independent users; 

(c) employing secure communications means for 
communicating digital control information between integrateable 
protected processing environments; and 

(d) enabling database managers operably connected 

said processing environments for storing at least a portion of said 
provided component modular methods. 

510. A system for general purpose, reusable electronic 
commerce including: 

(a) component modular methods configured together to 
comprise event control structures; 

(b) at least one interoperable processing environment at 
each of plural independent user locations; 

digital control information between interoperable protected 
processing environments; and 

(d) secured database managers operably connected to said 
protected processing environments for storing at least a portion 
of said component modular methods. 

511. A general purpose electronic commerce credit system 
including: 

(a) a secure interoperable protected processing 
environment; 

(b) general purpose credit control information for 
providing credit for user usage of at least in part protected digital 
information; and 

(c) at least in part protected digital information related 
control information for providing necessary information for 
employing credit through the use, at least in part, of said general 
purpose credit control information. 

512. A method for enabling a general purpose electronic 
commerce credit system including: 

(a) providing secure interoperable protected processing 
environments; 

(b) supplying general purpose credit control information 

for providing credit for user usage of at least in part protected 
digital information; and 

(c) providing, at least in part, protected digital information 
related control information for providing necessary information 
for employing credit through the use, at least in part, of said 
general purpose credit control information. 

513. A document management system comprising one or 
more electronic appliances containing one or more SPUs and one 
or more secure databases operatively connected to at least one of 
the SPUs. 

514. An electronic contract system comprising one or more 
electronic appliances containing one or more SPUs and one or 
more secure databases operatively connected to at least one of 
the SPUs. 

515. An electronic appliance containing at least one SPU 
and at least one secure database operatively connected to at least 
one of the SPU(s). 

516. An electronic appliance containing one or more CPUs 
where at least one of the CPUs is integrated with at least one 
SPU. 

517. An electronic appliance containing one or more video 
controllers where at least one of the video controllers is 
integrated with at least one SPU. 

518. An electronic appliance containing one or more 
network communications means where at least one of the 
network communications means is integrated with at least one 
SPU. 

519. An electronic appliance containing one or more 
modems where at least one of the modems is integrated with at 
least one SPU. 

520. An electronic appliance containing one or more CD- 
ROM devices where at least one of the CD-ROM devices is 
integrated with at least one SPU. 

521. An electronic appliance containing one or more set- 
top controllers where at least one of the set-top controllers is 
integrated with at least one SPU. 

522. An electronic appliance containing one or more game 
systems where at least one of the game systems is integrated 
with at least one SPU. 

523. An integrated circuit supporting multiple encryption 
algorithms comprising at least one microprocessor, memory, 
input/output means, at least one circuit for encrypting and/or 
decrypting information and one or more software programs for 
use with at least one of the microprocessors to perform encryption 
and/or decryption functions. 

524. An integrated circuit comprising at least one 
microprocessor, memory, at least one real time clock, at least one 
random number generator, at least one circuit for encrypting 
and/or decrypting information and independently delivered 
and/or independently deliverable certified software. 

525. An integrated circuit comprising at least one 
microprocessor, memory, input/output means, a tamper resistant 
barrier and at least a portion of a Rights Operating System. 

526. An integrated circuit comprising at least one 
microprocessor, memory, input/output means, at least one real 
time clock, a tamper resistant barrier and means for recording 
interruption of power to at least one of the real time clocks. 

Claims 167-172, 175, 176, 518, 519. Solving problems related to: Network communications. 

16. Claims 173, 174, 520. Solving problems related to: CD-ROM controllers. 

17. Claims 177, 178, 521. Solving problems related to: Set-top controllers. 

18. Claims 178-185, 522. Solving problems related to: Electronic games. 

19. Claims 186-193. Solving problems related to: Multimedia communications. 

Claims 198, 526. Solving problems related to: Detection of power supply interruption. 

21. Claims 145, 146. Solving problems related to: Bitmap data structures. 

22. Claims 211, 212. Solving problems related to: Modular control structures. 

23. Solving problems related to: Billing and budgeting. 

24. Claims 245, 248, 253, 254, 341, 350-353, 360, 362. Solving problems related to: Protected processing operations. 

25. Claims 27, 28, 247, 252, 513, 515. Secure database management. 

26. Claims 263, 264. Solving problems related to: Secure electronic mail. 

27. Claims 269-272. Solving problems related to: Controlling a robot. 

Solving problems related to: Business automation. 

Claims 318, 321. Solving problems related to: Software construction. 

30. Claims 320, 369^80. Solving problems related to: Resource management. 

Solving problems related to: Combining or modifying data. 

Claim 397. Solving problems related to: Point of sale systems. 

Advertising. 

34. Claim 403. Solving problems related to: Renting an appliance. 

35. Claims 255-258, 281, 386. Solving problems related to: Rights described in software. 

A concise analysis shows that the Special Technical 

determined by comparison with the features disclosed in either of documents 01 or 02, are not 
the same. A comparison of the objective 
inventions, as seen in the light of the [illegible] 

that these objective problems are all different and have no corresponding technical effect. 


Consequently, the Special Technical Features of these different groups of inventions are 
neither the same nor corresponding as defined in Rule 
the requirement of Unity of Invention (Rule 13.1, 


Finally, it should be noted that searching the [illegible] 
claims 2-35 would have involved 